mercurius — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in mercurius, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-30241	Mercurius: queryDepth limit bypassed for WebSocket subscriptions CWE-863	7.5	-	2026-03-06
CVE-2025-64166	Mercurius: Incorrect Content-Type parsing can lead to CSRF attack CWE-352	5.4	Medium	2026-03-05
CVE-2023-22477	Mercurius is vulnerable to denial of service (DoS) when using subscriptions CWE-248	5.3	Medium	2023-01-09
CVE-2021-43801	Uncaught Exception in mercurius CWE-754	7.5	High	2021-12-13

All 4 known CVE vulnerabilities affecting mercurius with full Chinese analysis, references, and POCs where available.